rpms/GraphicsMagick/devel GraphicsMagick-palm.patch, NONE, 1.1 GraphicsMagick.spec, 1.8, 1.9
Andreas Thienemann (ixs)
fedora-extras-commits at redhat.com
Wed Mar 7 10:17:51 UTC 2007
- Previous message (by thread): rpms/GraphicsMagick/FC-6 GraphicsMagick-palm.patch, NONE, 1.1 GraphicsMagick.spec, 1.7, 1.8
- Next message (by thread): rpms/bogofilter/FC-5 .cvsignore, 1.2, 1.3 bogofilter.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: ixs
Update of /cvs/extras/rpms/GraphicsMagick/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31393/devel
Modified Files:
GraphicsMagick.spec
Added Files:
GraphicsMagick-palm.patch
Log Message:
* Wed Mar 07 2007 Andreas Thienemann <andreas at bawue.net> - 1.1.7-7
- Fix potential CVE-2007-0770 issue.
GraphicsMagick-palm.patch:
--- NEW FILE GraphicsMagick-palm.patch ---
--- graphicsmagick-1.1.7.orig/coders/dcm.c
+++ graphicsmagick-1.1.7/coders/dcm.c
@@ -3022,7 +3022,7 @@
/*
Photometric interpretation.
*/
- for (i=0; i < (long) length; i++)
+ for (i=0; i < (long) Min(length, MaxTextExtent-1); i++)
photometric[i]=data[i];
photometric[i]='\0';
break;
--- graphicsmagick-1.1.7.orig/coders/palm.c
+++ graphicsmagick-1.1.7/coders/palm.c
@@ -541,7 +541,8 @@
image->compression = RLECompression;
for (i = 0; i < (long) bytes_per_row; )
{
count = ReadBlobByte(image);
+ count = Min(count, bytes_per_row-i);
byte = ReadBlobByte(image);
memset(one_row + i, (int) byte, count);
i += count;
@@ -579,6 +579,8 @@
indexes=GetIndexes(image);
if(bits_per_pixel == 16)
{
+ if (image->columns > 2*bytes_per_row)
+ ThrowReaderException(CorruptImageError,CorruptImage,image);
for (x=0; x < (long) image->columns; x++)
{
color16 = (*ptr++ << 8);
@@ -595,6 +597,8 @@
bit = 8 - bits_per_pixel;
for(x = 0; x < (long) image->columns; x++)
{
+ if (ptr - one_row >= bytes_per_row)
+ ThrowReaderException(CorruptImageError,CorruptImage,image);
index =(IndexPacket) (mask - (((*ptr) & (mask << bit)) >> bit));
indexes[x] = index;
*q++ = image->colormap[index];
Index: GraphicsMagick.spec
===================================================================
RCS file: /cvs/extras/rpms/GraphicsMagick/devel/GraphicsMagick.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- GraphicsMagick.spec 1 Dec 2006 19:46:02 -0000 1.8
+++ GraphicsMagick.spec 7 Mar 2007 10:17:19 -0000 1.9
@@ -1,12 +1,12 @@
Summary: An ImageMagick fork, offering faster image generation and better quality
Name: GraphicsMagick
Version: 1.1.7
-Release: 6%{?dist}
+Release: 7%{?dist}
License: MIT
Group: Applications/Multimedia
Source0: http://download.sourceforge.net/graphicsmagick/GraphicsMagick-%{version}.tar.bz2
Patch0: GraphicsMagick-gslib.patch
-
+Patch1: GraphicsMagick-palm.patch
Url: http://www.graphicsmagick.org/
Buildroot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: bzip2-devel, freetype-devel, libjpeg-devel, libpng-devel
@@ -16,12 +16,7 @@
BuildRequires: ghostscript-devel
BuildRequires: libwmf-devel
BuildRequires: lcms-devel, libxml2-devel, librsvg2-devel
-%if 0%{?fedora} > 4 || 0%{?rhel} > 4
-%define x_deps libX11-devel libXext-devel libXt-devel
-%else
-%define x_deps xorg-x11-devel
-%endif
-BuildRequires: %{x_deps}
+BuildRequires: libX11-devel libXext-devel libXt-devel
%description
GraphicsMagick is a comprehensive image processing package which is initially
@@ -33,13 +28,8 @@
Summary: Static libraries and header files for GraphicsMagick app development
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
-Requires: %{x_deps}
-Requires: ghostscript-devel
-Requires: bzip2-devel
-Requires: libtiff-devel
-Requires: libjpeg-devel
-Requires: lcms-devel
-Requires: pkgconfig
+Requires: ghostscript-devel, bzip2-devel, libtiff-devel, libjpeg-devel
+Requires: lcms-devel, pkgconfig, libX11-devel, libXext-devel, libXt-devel
%description devel
GraphicsMagick-devel contains the static libraries and header files you'll
@@ -98,6 +88,7 @@
%prep
%setup -q
%patch0 -p 1 -b .gslib
+%patch1 -p 1 -b .palm
# Regenerating configure script
autoconf
@@ -181,11 +172,6 @@
#endif
EOF
-%if "%{?rhel}" == "4"
-# el4/ImageMagick conflicts
-rm -f %{buildroot}%{_mandir}/man{4/miff.4,5/quantize.5}*
-%endif
-
%clean
rm -rf %{buildroot}
@@ -240,7 +226,11 @@
%{_mandir}/man3/*
%doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt
+
%changelog
+* Wed Mar 07 2007 Andreas Thienemann <andreas at bawue.net> - 1.1.7-7
+- Fix potential CVE-2007-0770 issue.
+
* Fri Dec 01 2006 Rex Dieter <rexdieter[AT]users.sf.net> - 1.1.7-6
- *really* fix magick_config-64.h (bug #217959)
- make buildable on rhel4 too.
- Previous message (by thread): rpms/GraphicsMagick/FC-6 GraphicsMagick-palm.patch, NONE, 1.1 GraphicsMagick.spec, 1.7, 1.8
- Next message (by thread): rpms/bogofilter/FC-5 .cvsignore, 1.2, 1.3 bogofilter.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list